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CONFIGURING VIRTUAL LANS ON LAYER 2 



Firlf ^th«> invention 

m Th ^venti OTre .at K .ob ri d^gofv i r to nocal»r«^o*s.a„dU ore 
particularly to aaslgning virtue! ports on a node to *t* locals networks. 



ground, n( invention 
M Bridges between separate .oca, area networks (LAN! a,,ow 
Uses eU— (CPE, within each LAN to — -* «ch,o*«. 
L accord! with the 80,1, VLAN — a Virtual LAN (VLAN) can 1* 
„ up ,0 *w CFEs in different LANs to _»cate as if «hey weis withm 
ft. same LAN, using transparent bridging. The «nspa«n« nidging may be 
p IOT ided by Asynchronous Transfer Mode (ATM) nodes within ar, ATM 
network. Each ATM node includes one or more Ethernet cards, each of which is 
phvacatty connected to an Ethernet swHch through a physical port ^ the 
Ethernet card or to an Ethernet card on a different ATM node. Each! 802.!, 
Ethernet port allows VLAN configuration Each VLAN * composed of a 
plurality of virtual ports, for example one dedicated virtual tiridge port and 64 
virtual ATM ports, 

[03] The ATM node stores a member set, a forbidden set, and an untagged set 
for each of a number of VLANs, each set containing zero or more virtual ports. 
The member set and forbidden set of each VLAN are exclusive of each other, in 
that each virtual port canbelong to either the member set or the forbidden set of 
a given VLAN, but not both. A virtual port can however be associated with 
more than one VLAN, the set to which it belongs being generally independent 
for each VLAN. For example, a given virtual port may belong to theimember 
set of a first VLAN, and to a forbidden set of a second VLAN- 
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M When an AIM node receives a VLAN tagged a-'*- « ™ * " 
Ethernet switch, the ATM node notes that the frame is VLAN »gged *td r*ds 
VLAN identification OD, of the frame. The ATM determmes ft. wtual 
ports wiftin fte member set associated with fte VLAN ID of the reeved 
Lme.andsendsaeopyofftefran^toeachvir^portwiftinftememb^s,, 

one ofter ATM node, and arrive a, an Ethernet switch within the second IAN. 
The Ethernet switch ften forwards the frame to destination CPEs. 
, 05 ) VLANs must be configured a, fte ATM nodes, in order to identity the 
Liber set, forbidden set, and untaxed set of each VLAN. VLA* are 
Really configured manually. An operator feme* into a node and opens a 
Ndde Tormina! Management Interface session. Using command hue mfcrface 
commands, the operator seiects a physical pot, by entering -he shelf, s*L and 
port number. The operator enters a VLAN ID. The operator selects tme of 
member set, untagged set, or forbidden set and enters the virtua. por* to be 
associated with that set for fte VLAN ID. The operator may repeat ftrsior the 
other two set, The operator repeats this for each physical port, and for each 

i 

node in the network. 

[06] This manual configuration is a time consuming and tedious process. 
Furthermore, no error checking is done. As a result, invalid VLAN IDsknay be 
inadvertently used, a VLAN may be inadvertently assigned on a physital port 
which can no, support any additional VLANs. and invalid virtual ports-may be 
inadvertently associated with the VLAN. A configuration method o« system 
which removes fte tedium of manual configuration and which performs error 
choking would allow more efficient and reliable configuration of VliANs on 
ATM nodes. 
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Q„ m mary of invent! B 

m In accordance with one aspect of the invention, a memod is provided for 
providing configuration information for a bridged virtual food area network 
(VUW) «idun a communication network, comprising the steps oft preson»ng a 
graphical user interface (GUI); receiving an identification of a node and; of a 
Z^al port through .he « receiving a validafcd VLAN configuration 
Jlugh me GUI; and transmitting ,he vaUdated VLAN configuration „ *e 
node. H» step of receiving a vatidated VLAN configuration may c omp n* the 
steps of; receiving an identification of zero or more virtua! ports belongu* to 
forbidden set of .he VIAN; receiving an identification of zero or mo* virtual 
ports belonging to an untagged set of me VLAN; and ensuring mat .he member 
set and me forbidden set have no virtual ports in common. 

[081 In accordance with another aspect of the invention, processdrs are 
provided for carrying out the methods described above. ' 

,09] The method and apparatus of me present invention allow art operator .0 
provide vaUdated VLAN configuration information to a node, such as an ATM 
swit*, within a communication system. The GUI allows the operator to Meet a 
node and physical port and to assign virtual ports to the member set of the 
VLAN without having to enter command line interface commands, thereby 
saving time. Assignment of virtual ports to the member set is carried out m a 
„ ay that ensures vaUdity and uniqueness of set assignment, thereby improvmg 
reliability of the configuration information. , 

ttripf desc rir rinn nf *** tlTawingS 

110] The features and advantages of the invention will become more apparent 
from the foUowing detailed description of the preferred embodiments) wrth 
reference to the attached figures, wherein: 

FIG. 1 is a block diagram of a portion of a communication network; 
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FIG. 2 is a block diagram of a portion of an Ethernet card located on an 
ATM node of FIG. 1; and 

FIG 3 is a flowchart of a method by which the network management 
system of FIG. 1 provides VLAN configuration information to an ATM node 
according to one embodiment of the invention; and 

i 

FIG 4 is a flowchart of an expansion of the step of receiving a validated 
configuration of FIG. 3 according to one embodiment of the invention. ; 
[nl It will be noted that in the attached figures, like features bear similar 
labels. 

i 
i 

Pgtaaed descr-p*™. of the embodiments 

[12] Referring to FIG. 1, a block diagram of a portion of a communication 
network is shown. A network management system (NMS) U is coupled to an 
Asynchronous Transfer Mode (ATM) network 12. The ATM network 12 
includes a plurality of ATM nodes 14, only two of which are shown m FIG. 1. 
Each ATM node 14 includes at least one Ethernet card 16. Each Ethernet card 16 
is coupled to a corresponding Ethernet switch 18. Each Ethernet switdh 18 is 
coupled to a corresponding plurality of customer premises equipment (CPE) 
sets 20, only one of which is shown in FIG. 1 for each Ethernet switch 18. : 

113] To set up a Virtual Local Area Network (VLAN) 22 to include the CPEs 
20 connected to the two separate Ethernet switches 18, each Ethernet card 
provides a Virtual Channel Connection (VCC) termination 24. The Ethernet 
switches 18 are physically connected to the Ethernet cards 16, and a VCC 26 is 
established between the two VCC terminations 24 in order to bridge fthe two 
Ethernet switches 18. 

[141 Referring to FIG. 2, a block diagram of a portion of an Ethernet card 16 
located on an ATM node is shown. The Ethernet card 16 includes at least one 
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physical port 40. only one of which is shown in FIG. 2. The physical port 40 . 
physically connect .o an Ethernet switch 18. Each physical port 40 is.also 
coup,*, to a respective Ethernet bridge 42. Each Ethernet bridge 42 . 
associaK d with 65 bridge ports, or virtual ports, one of which is a LAN bridge 
port LI and 64 of which are virtual ATM ports A1..A64. The virtua. ports 
provide the VCC terminations 24 of FIG. 1. ATM connections terminating on 
the Ethernet bridge 42 ace specified using a Virtual Path Identifier hajg a 
value equal to a Virtual Connection Number, which is "1". "2", "3", or "4 , and 
using a Virtual Channel Identifier equal to An, where B-1...64. 
MS] The NMS 10 includes instructions for configuring a VLAN on: ATM 
nodes within me ATM network. In me preferred embodiment, the instructions 
m in the form of software within memory of a personal computer, b« may 
more generally be in the form of any combination of software or hardware 
wHhin a processor, including hardware within an integrated circmt; The 
processor neecl no, be a single device, but rather the instructions cotild be 
located In more ttian one device, including a distributed system. 

m Referring to FIG. 3, a flowchart of a memod by whifch the NMS 10 of 
FIG 1 provides VLAN configuration information to an ATM node 14 ac^ordmg 
to one embodiment of the invention is shown. At step 50 the NMS presents a 
graphical user interface (GUI) to an operator. The GUI allows the operator to 
select an ATM node and a physical port within the ATM node by using a 
graphical interface rather lhan by using a command fine interface. Atlstep o2 
tire NMS receives, through the GUI, an identification of an ATM node and of a 
physical port within the ATM node. At step 54 the NMS queries the ATM node 
for a list of current VLAN configurations for VLANs which are currently 
configured on the ATM node. At step 56 the NMS stores the current VLAN 
configurations at the NMS as stored VLAN configurations, for example Within a 
database. At step 58 the NMS determines, by counting the number of VLANs 
for which current VLAN configurations were received from the ATM node, 
whether addition of a new VLAN would exceed a maximum number or VLANs 
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supportable by the physical port. If a new VLAN would exceed the maxirhum 
number of supportable VLANs, the NMS awaits receipt of an idenoficauon of 
another ATM node and physical port combination at step 52. ^ 

[171 If configuration of the requested VLAN would not exceed the maximum 
number of supportable VLANs, then at step 62 the NMS receives a validated 
configuration for the VLAN. The validated configuration is, a list of vntual 
ports within each of the member set, forbidden set, and untagged set for the 
VLAN being configured, and a VLAN identification (ID) of >he VLAN. The 
validated configuration is validated in that each virtual port within the Ethernet 
bridge associated with the VLAN is listed in only one of the member set aud the 
forbidden set of the VLAN, and the VLAN ID is valid. The step 62 of giving 
a validated configuration therefore includes a configuration validation aspect, 
one embodiment of which is described below with respect to HG. 4. 

[18] At step 64 the NMS sends the valid configuration to the ATM node. The 
ATM node will then update its configuration database to reflect the inewly 
configured VLAN. At step 66 the NMS updates its own database, to include the 
newly configured VLAN. The NMS then awaits entry of another identifccauon 
of an ATM node and physical port pair. [ 

[191 Exit and break points have not been included in the flowchart of jFlG. 3. 
The fusion and location of these within the instructions carried out! by the 
NMS will be obvious to a person skilled in the art. 

[20] Referring to FIG. 4, a flowchart of an expansion of the-step 62 of HG. 3 of 
receiving a validated coronation according to one embodiment! of the 
invention is shown. At step 80, the NMS initializes the member set, forbidden 
set and untagged set of the VLAN to be empty, and iniHali.es an available set 
to include all virtual ports of the Ethernet bridge associated with the physical 
port At step 82 the NMS receives a requested VLAN identification (ID), 
entered by the operator at the GUI. At step 84 the NMS determines whether the 
jested VLAN ID is a valid. The NMS makes this de^rrnmation by 
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„• . to stored VLAN configurations. If to requested VLAN H* has 
consulting to stored WW P ^ stored VLAN 

already been assigned to a VLAN assoaareu 

Y ,. ^ vi an ID is not valid and the NMS requests 

configurations/ then the requested VLAN ID is not va . 

a new requested VLAN ID at step 82- j 

nn „ ft. guested VLAN ID is valid, then a, step 86 to NMS receives an 
[21] utnereq identification of as least 

identification of at least one selected virtual port. The » 
one selected virtue! port is entered by the operator through *e « GUI 
presents die vutual ports to the operator as lists of virtual ports » ead. set, that 
f al of virtual ports in to avauable set, a H* of virtua, ports in die mentor 
r ,L of virtJl ports in to forbidden set, and a Us, o, virtual ports M- 
lagged set. * operator selects the a, leas, one selectod virtual port by 
highlighting one or more virtual ports wiflun one of more of ,he b*. 
U| At Stop 88 me NMS receives a large, set. entered by to operator dlrough 
fte GUI. the taxget se, will be one of die member set, die. forbidden je, to 
mugged set, and to available set At step 90 the NMS removes each of to 
select virtus, ports from the respective se, to which each one currently 
belongs. A, step 92 die NMS adds each of the selectod virtual ports to to target 
se, The NMS then awaits receipt of an additional a, least one selectodl virtual 
nort a, step 86. If the NMS ever receives no selected virtual port at stop 86, such 
Twhen die operator has finished identifying the s«s to which virtual E™ 
to be assigned, die NMS sends the coniiguraaon to the ATM node a, * P 64 of 
FIG. 3. 

[231 Jn mis way, each virtual port can belong to a, most one of the meinber set 
and to forbidden se, during configuration. Each virtual port is initial*, stored 
in the available set of virtual ports, and can only ever belong to one set. The 
operator cart also see a. a glance which virtual ports have been assigned to 
which sets, and can easily make corrections. 
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[241 The invention has been described with respect to an ATM network 
providing the bridging between the Ethernet LANs. Alternatively, other lj>rpes 
of networks and nodes can be used. 

[25] The invention has been described with respect to configuring ai new 
VLAN. The invention can also be used to reconfigure an existing VLAN. In 
such an embodiment, the operator selects an option to reconfigure a VLA& and 
specifies a VLAN ID. The step 80 of FIG, 4 of initializing the sets initializes the 
member set forbidden set and untagged set vising the configiiration 
information for the VLAN stored at step 56 of FIG. 3. The steps 82 and 84 of 
receiving and validating a new VLAN ID are omitted. 

[26] The embodiments presented are exemplary only and (persons skilled in 
the art would appreciate that variations to the above described embodiments 
may be made without departing from the spirit of the invention. lVIethods 
which are logically equivalent or similar to the method described above with 
reference to FIG. 3 and FIG, 4 may be used to implement iihe method^ of the 
invention. For example, the steps 82 and 84 of FIG. 4 may be combined into a 
single step of receiving a validated VLAN ID, by allowing the operator tlo select 
a VLAN ID only from a list of unused VLAN IDs. The scop6 of the invention is 
solely defined by the appended claims. 1 



